CompTIA SY0-401 Dumps and Practice Tests with Real Questions
WTF! SY0-401 questions were exactly identical to the real test that I got.
SY0-401 - CompTIA Security+ - Dump Information
Vendor: CompTIA
Exam Code: SY0-401
Exam Name: CompTIA Security+
Questions and Answers: 1776 Q & A
Updated On: October 24, 2017
Located the actual SY0-401 question source.
I didn't plan to use any brain dumps for my IT certification exams, but being under pressure from the difficulty of the SY0-401 exam, I ordered this bundle. I was impressed by the quality of these materials; they are absolutely worth the money, and I believe they could cost more, that is how great they are! I didn't have any trouble while taking my exam thanks to bigdiscountsales. I simply knew all the questions and answers! I got 97% with only a few weeks of exam preparation, besides having some work experience, which was certainly helpful too. So yes, bigdiscountsales is really good and highly recommended.
Exceptional to hear that real test questions of the SY0-401 exam are supplied here.
I am very happy with this package deal, as I got over 96% on this SY0-401 exam. I read the official SY0-401 manual a little, but I guess bigdiscountsales was my main training resource. I memorized most of the questions and answers, and also invested the time to really understand the scenarios and the tech/practice-oriented parts of the exam. I think that buying the bigdiscountsales bundle by itself does not guarantee that you'll pass your exam, and some tests are really tough. Yet, if you study their materials hard and really put your mind and your heart into your exam preparation, then bigdiscountsales definitely beats any other exam prep options available out there.
Just use this real question bank and success is yours.
I was looking to get ready for my SY0-401 test that was around the corner, and I found myself lost in the books and wandering far from the actual point. I didn't understand a single word, and that was really concerning because I had to prepare as soon as possible. Giving up on my books, I decided to register myself with bigdiscountsales, and that was the best decision. I cruised through my SY0-401 test and was able to get a respectable score, so thanks very much.
What are the benefits of SY0-401 certification?
I missed a couple of questions only because I went blank and didn't recall the answer given in the unit; however, since I got the rest right, I passed and solved 43/50 questions. So my recommendation is to learn everything I got from the bigdiscountsales Q&A; this is everything I needed to pass. I passed this exam because of bigdiscountsales. This pack is 100% faithful; a huge portion of the questions were identical to what I got on the SY0-401 exam.
That was brilliant! I got braindumps of the SY0-401 exam.
bigdiscountsales is an accurate indicator of a student's and customer's ability to work and study for the SY0-401 exam. It is an accurate indication of their ability, particularly with tests taken shortly before starting their academic study for the SY0-401 exam. bigdiscountsales offers reliable updates. The SY0-401 tests provide a thorough picture of candidates' ability and capabilities.
What is needed to study for the SY0-401 exam?
To start with, I need to say thanks to you people. I've cleared the SY0-401 exam by subscribing to your study materials. So I wanted to share my success on your website. Thanks again. Thanks very much for your excellent help. I have cleared my SY0-401 with 90%.
Make a smart move, prepare with these SY0-401 Questions and Answers.
I had appeared for the SY0-401 exam last year, but failed. It seemed very hard to me because of the SY0-401 topics. They were really unmanageable till I found the questions & answers study guide by bigdiscountsales. This is the best guide I have ever purchased for my exam preparations. The way it handled the SY0-401 materials was superb, and even a slow learner like me could handle it. Passed with 89% marks and felt on top of the world. Thanks bigdiscountsales!
Get a value pack of knowledge to prepare for the SY0-401 exam.
Some good guys can't bring a change to the world's ways, but they can only tell you whether or not you were the only man who knew how to do that. I want to be recognized in this world and make my own mark, and I have been so lame my whole way, but I realize now that I needed to get a pass in my SY0-401, and this may make me famous. Sure, I'm short of glory, but passing my A+ exams with bigdiscountsales was my morning and night glory.
Did you try this excellent source of the latest braindumps?
I spent enough time studying these materials and passed the SY0-401 exam. The stuff is good, and while these are braindumps, meaning these materials are built on the real exam stuff, I don't understand folks who try to complain about the SY0-401 questions being different. In my case, not all questions were 100% the same, but the topics and general approach were really accurate. So, buddies, if you study hard enough, you'll do just fine.
What is the pass ratio of the SY0-401 exam?
After some weeks of SY0-401 preparation with this bigdiscountsales set, I passed the SY0-401 exam. I must admit, I'm relieved to leave it behind, yet happy that I found bigdiscountsales to help me get through this exam. The questions and answers they include in the package are accurate. The answers are right, and the questions were taken from the actual SY0-401 exam, and I got them while taking the exam. It made things a lot easier, and I got a score rather higher than I had hoped for.
SY0-401 Questions and Answers
QUESTION: 262
An organization receives an email that provides instruction on how to protect a system from being a target of new malware that is rapidly infecting systems. The incident response team investigates the notification, determines it to be invalid and notifies users to disregard the email. Which of the following BEST describes this occurrence?
- Phishing
- Scareware
- SPAM
- Hoax
Answer: D
QUESTION: 263
During an office move a server containing the employee information database will be shut down and transported to a new location. Which of the following would BEST ensure the availability of the employee database should anything happen to the server during the move?
- The contents of the database should be encrypted; the encryption key should be stored off-site
- A hash of the database should be taken and stored on an external drive prior to the move
- The database should be placed on a drive that consists of a RAID array prior to the move
- A backup of the database should be stored on an external hard drive prior to the move
Answer: D
QUESTION: 264
Which of the following is primarily used to provide fault tolerance at the application level? (Select TWO)
- Load balancing
- RAID array
- RAID 6
- Server clustering
- JBOD array
QUESTION: 265
A security administrator needs to implement a technology that creates a secure key exchange. Neither party involved in the key exchange will have pre-existing knowledge of one another. Which of the following technologies would allow for this?
- Blowfish
- NTLM
- Diffie-Hellman
- CHAP
Answer: C
QUESTION: 266
A portable data storage device has been determined to have malicious firmware. Which of the following is the BEST course of action to ensure data confidentiality?
- Format the device
- Re-image the device
- Perform a virus scan on the device
- Physically destroy the device
Answer: C
QUESTION: 267
Ann, a security administrator, has been instructed to perform fuzz-based testing on the company's applications. Which of the following BEST describes what she will do?
- Enter random or invalid data into the application in an attempt to cause it to fault
- Work with the developers to eliminate horizontal privilege escalation opportunities
- Test the applications for the existence of built-in back doors left by the developers
- Hash the application to verify it won't cause a false positive on the HIPS
QUESTION: 268
A malicious attacker has intercepted HTTP traffic and inserted an ASCII line that sets the referrer URL. Which of the following is the attacker MOST likely utilizing?
- Header manipulation
- Cookie hijacking
- Cross-site scripting
- XML injection
Answer: D
QUESTION: 269
A user attempts to install a new and relatively unknown software program recommended by a colleague. The user is unable to install the program, despite having successfully installed other programs previously. Which of the following is MOST likely the cause of the user's inability to complete the installation?
- Application black listing
- Network Intrusion Prevention System
- Group Policy
- Application White Listing
Answer: A
QUESTION: 270
A company has recently identified critical systems that support business operations. Which of the following will, once defined, be the requirement for restoration of these systems within a certain period of time?
- Mean Time Between Failure
- Mean Time to Restore
- Recovery Point Objective
- Recovery Time Objective
Answer: A
QUESTION: 271
A network manager needs a cost-effective solution to allow for the restoration of information with an RPO of 24 hours. The disaster recovery plan also requires that backups occur within a restricted timeframe during the week and be taken offsite weekly. Which of the following should the manager choose to BEST address these requirements?
- Daily incremental backup to tape
- Disk-to-disk hourly server snapshots
- Replication of the environment at a hot site
- Daily differential backup to tape
- Daily full backup to tape
Answer: A
QUESTION: 272
While reviewing the security controls in place for a web-based application, a security controls assessor notices that there are no password strength requirements in place. Because of this vulnerability, passwords might be easily discovered using a brute force attack. Which of the following password requirements will MOST effectively improve the security posture of the application against these attacks? (Select TWO)
- Minimum complexity
- Maximum age limit
- Maximum length
- Minimum length
- Minimum age limit
- Minimum re-use limit
Answer: D, F
QUESTION: 273
A security administrator implements a web server that utilizes an algorithm that requires other hashing standards to provide data integrity. Which of the following algorithms would meet the requirement?
- SHA
- MD5
- RIPEMD
- HMAC
QUESTION: 274
A technician has installed new vulnerability scanner software on a server that is joined to the company domain. The vulnerability scanner is able to provide visibility over the patch posture of all of the company's clients. Which of the following is being used?
- Gray box vulnerability testing
- Passive scan
- Credentialed scan
- Bypassing security controls
Answer: A
QUESTION: 275
A global gaming console manufacturer is launching a new gaming platform to its customers. Which of the following controls reduces the risk created by malicious gaming customers attempting to circumvent controls by modifying consoles? (Select TWO)
- Firmware version control
- Manual software upgrades
- Vulnerability scanning
- Automatic updates
- Network segmentation
- Application firewalls
Answer: A, D
QUESTION: 276
A company is deploying a new VoIP phone system. They require 99.999% uptime for their phone service and are concerned about their existing data network interfering with the VoIP phone system. The core switches in the existing data network are almost fully saturated. Which of the following options will provide the BEST performance and availability for both the VoIP traffic and the traffic on the existing data network?
- Put the VoIP network into a different VLAN than the existing data network.
- Upgrade the edge switches from 10/100/1000 to improve network speed
- Physically separate the VoIP phones from the data network
Answer: A
CompTIA SY0-401 Exam (CompTIA Security+) Detailed Information
CompTIA Security+ Certification Exam Objectives
EXAM NUMBER: SY0-401
About the Exam
The CompTIA Security+ certification is a vendor-neutral, internationally recognized credential used by organizations and security professionals around the globe to validate foundation-level security skills and knowledge. Candidates are encouraged to use this document to help prepare for CompTIA Security+ SY0-401, which measures necessary skills for IT security professionals. Successful candidates will have the knowledge required to:
- Identify risk
- Participate in risk mitigation activities
- Provide infrastructure, application, information and operational security
- Apply security controls to maintain confidentiality, integrity and availability
- Identify appropriate technologies and products
- Troubleshoot security events and incidents
- Operate with an awareness of applicable policies, laws and regulations

These content examples are meant to clarify the test objectives and should not be construed as a comprehensive listing of all content in this examination.

EXAM ACCREDITATION
CompTIA Security+ is accredited by ANSI to show compliance with the ISO 17024 Standard and, as such, the exam objectives undergo regular reviews and updates.

EXAM DEVELOPMENT
CompTIA exams result from subject matter expert workshops and industry-wide survey results regarding the skills and knowledge required of an IT professional.

TEST DETAILS
Required exam: CompTIA Security+ SY0-401
Number of questions: Maximum of 90
Types of questions: Multiple choice and performance-based
Length of test: 90 minutes
Recommended experience: At least two years of experience in IT administration with a focus on security
Passing score: 750 (on a scale of 100–900)

EXAM OBJECTIVES (DOMAINS)
The table below lists the domains measured by this examination and the extent to which they are represented:

DOMAIN | PERCENTAGE OF EXAMINATION
--- | ---
1.0 Network Security | 20%
2.0 Compliance and Operational Security | 18%
3.0 Threats and Vulnerabilities | 20%
4.0 Application, Data and Host Security | 15%
5.0 Access Control and Identity Management | 15%
6.0 Cryptography | 12%
Total | 100%

1.0 Network Security
1.1 Implement security configuration parameters on network devices and other technologies.
- Firewalls
- Routers
- Switches
- Load balancers
- Proxies
- Web security gateways
- VPN concentrators
- NIDS and NIPS
- Behavior-based
- Signature-based
- Anomaly-based
- Heuristic
- Protocol analyzers
- Spam filter
- UTM security appliances
- URL filter
- Content inspection
- Malware inspection
- Web application firewall vs. network firewall
- Application aware devices
- Firewalls
- IPS
- IDS
- Proxies
1.2 Given a scenario, use secure network administration principles.
- Rule-based management
- Firewall rules
- VLAN management
- Secure router configuration
- Access control lists
- Port security
- 802.1x
- Flood guards
- Loop protection
- Implicit deny
- Network separation
- Log analysis
- Unified threat management
1.3 Explain network design elements and components.
- DMZ
- Subnetting
- VLAN
- NAT
- Remote access
- Telephony
- NAC
- Virtualization
- Cloud computing
- PaaS
- SaaS
- IaaS
- Private
- Public
- Hybrid
- Community
- Layered security/defense in depth
1.4 Given a scenario, implement common protocols and services.
- Protocols
- IPSec
- SNMP
- SSH
- DNS
- TLS
- SSL
- TCP/IP
- FTPS
- HTTPS
- SCP
- ICMP
- IPv4
- IPv6
- iSCSI
- Fibre Channel
- FCoE
- FTP
- SFTP
- TFTP
- TELNET
- HTTP
- NetBIOS
- Ports: 21, 22, 25, 53, 80, 110, 139, 143, 443, 3389
- OSI relevance
1.5 Given a scenario, troubleshoot security issues related to wireless networking.
- WPA
- WPA2
- WEP
- EAP
- PEAP
- LEAP
- MAC filter
- Disable SSID broadcast
- TKIP
- CCMP
- Antenna placement
- Power level controls
- Captive portals
- Antenna types
- Site surveys
- VPN (over open wireless)
2.0 Compliance and Operational Security
2.1 Explain the importance of risk related concepts.
- Control types
- Technical
- Management
- Operational
- False positives
- False negatives
- Importance of policies in reducing risk
- Privacy policy
- Acceptable use
- Security policy
- Mandatory vacations
- Job rotation
- Separation of duties
- Least privilege
- Risk calculation
- Likelihood
- ALE
- Impact
- SLE
- ARO
- MTTR
- MTTF
- MTBF
- Quantitative vs. qualitative
- Vulnerabilities
- Threat vectors
- Probability/threat likelihood
- Risk avoidance, transference, acceptance, mitigation, deterrence
- Risks associated with cloud computing and virtualization
- Recovery time objective and recovery point objective
2.2 Summarize the security implications of integrating systems and data with third parties.
- On-boarding/off-boarding business partners
- Social media networks and/or applications
- Interoperability agreements
- SLA
- BPA
- MOU
- ISA
- Privacy considerations
- Risk awareness
- Unauthorized data sharing
- Data ownership
- Data backups
- Follow security policy and procedures
- Review agreement requirements to verify compliance and performance standards
2.3 Given a scenario, implement appropriate risk mitigation strategies.
- Change management
- Incident management
- User rights and permissions reviews
- Perform routine audits
- Enforce policies and procedures to prevent data loss or theft
- Enforce technology controls
- Data Loss Prevention (DLP)
2.4 Given a scenario, implement basic forensic procedures.
- Order of volatility
- Capture system image
- Network traffic and logs
- Capture video
- Record time offset
- Take hashes
- Screenshots
- Witnesses
- Track man hours and expense
- Chain of custody
- Big Data analysis
2.5 Summarize common incident response procedures.
- Preparation
- Incident identification
- Escalation and notification
- Mitigation steps
- Lessons learned
- Reporting
- Recovery/reconstitution procedures
- First responder
- Incident isolation
- Quarantine
- Device removal
- Data breach
- Damage and loss control
2.6 Explain the importance of security related awareness and training.
- Security policy training and procedures
- Role-based training
- Personally identifiable information
- Information classification
- High
- Medium
- Low
- Confidential
- Private
- Public
- Data labeling, handling and disposal
- Compliance with laws, best practices and standards
- User habits
- Password behaviors
- Data handling
- Clean desk policies
- Prevent tailgating
- Personally owned devices
- New threats and new security trends/alerts
- New viruses
- Phishing attacks
- Zero-day exploits
- Use of social networking and P2P
- Follow up and gather training metrics to validate compliance and security posture
2.7 Compare and contrast physical security and environmental controls.
- Environmental controls
- HVAC
- Fire suppression
- EMI shielding
- Hot and cold aisles
- Environmental monitoring
- Temperature and humidity controls
- Physical security
- Hardware locks
- Mantraps
- Video surveillance
- Fencing
- Proximity readers
- Access list
- Proper lighting
- Signs
- Guards
- Barricades
- Biometrics
- Protected distribution (cabling)
- Alarms
- Motion detection
- Control types
- Deterrent
- Preventive
- Detective
- Compensating
- Technical
- Administrative
2.8 Summarize risk management best practices.
- Business continuity concepts
- Business impact analysis
- Identification of critical systems and components
- Removing single points of failure
- Business continuity planning and testing
- Risk assessment
- Continuity of operations
- Disaster recovery
- IT contingency planning
- Succession planning
- High availability
- Redundancy
- Tabletop exercises
- Fault tolerance
- Hardware
- RAID
- Clustering
- Load balancing
- Servers
- Disaster recovery concepts
- Backup plans/policies
- Backup execution/frequency
- Cold site
- Hot site
- Warm site
2.9 Given a scenario, select the appropriate control to meet the goals of security.
- Confidentiality
- Encryption
- Access controls
- Steganography
- Integrity
- Hashing
- Digital signatures
- Certificates
- Non-repudiation
- Availability
- Redundancy
- Fault tolerance
- Patching
- Safety
- Fencing
- Lighting
- Locks
- CCTV
- Escape plans
- Drills
- Escape routes
- Testing controls
3.0 Threats and Vulnerabilities
3.1 Explain types of malware.
- Adware
- Virus
- Spyware
- Trojan
- Rootkits
- Backdoors
- Logic bomb
- Botnets
- Ransomware
- Polymorphic malware
- Armored virus
3.2 Summarize various types of attacks.
- Man-in-the-middle
- DDoS
- DoS
- Replay
- Smurf attack
- Spoofing
- Spam
- Phishing
- Spim
- Vishing
- Spear phishing
- Xmas attack
- Pharming
- Privilege escalation
- Malicious insider threat
- DNS poisoning and ARP poisoning
- Transitive access
- Client-side attacks
- Password attacks
- Brute force
- Dictionary attacks
- Hybrid
- Birthday attacks
- Rainbow tables
- Typo squatting/URL hijacking
- Watering hole attack
3.3 Summarize social engineering attacks and the associated effectiveness with each attack.
- Shoulder surfing
- Dumpster diving
- Tailgating
- Impersonation
- Hoaxes
- Whaling
- Vishing
- Principles (reasons for effectiveness)
- Authority
- Intimidation
- Consensus/social proof
- Scarcity
- Urgency
- Familiarity/liking
- Trust
3.4 Explain types of wireless attacks.
- Rogue access points
- Jamming/interference
- Evil twin
- War driving
- Bluejacking
- Bluesnarfing
- War chalking
- IV attack
- Packet sniffing
- Near field communication
- Replay attacks
- WEP/WPA attacks
- WPS attacks
3.5 Explain types of application attacks.
- Cross-site scripting
- SQL injection
- LDAP injection
- XML injection
- Directory traversal/command injection
- Buffer overflow
- Integer overflow
- Zero-day
- Cookies and attachments
- Locally Shared Objects (LSOs)
- Flash cookies
- Malicious add-ons
- Session hijacking
- Header manipulation
- Arbitrary code execution/remote code execution
3.6 Analyze a scenario and select the appropriate type of mitigation and deterrent techniques.
- Monitoring system logs
- Event logs
- Audit logs
- Security logs
- Access logs
- Hardening
- Disabling unnecessary services
- Protecting management interfaces and applications
- Password protection
- Disabling unnecessary accounts
- Network security
- MAC limiting and filtering
- 802.1x
- Disabling unused interfaces and unused application service ports
- Rogue machine detection
- Security posture
- Initial baseline configuration
- Continuous security monitoring
- Remediation
- Reporting
- Alarms
- Alerts
- Trends
- Detection controls vs. prevention controls
- IDS vs. IPS
- Camera vs. guard
3.7 Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities.
- Interpret results of security assessment tools
- Tools
- Protocol analyzer
- Vulnerability scanner
- Honeypots
- Honeynets
- Port scanner
- Passive vs. active tools
- Banner grabbing
- Risk calculations
- Threat vs. likelihood
- Assessment types
- Risk
- Threat
- Vulnerability
- Assessment technique
- Baseline reporting
- Code review
- Determine attack surface
- Review architecture
- Review designs
3.8 Explain the proper use of penetration testing versus vulnerability scanning.
- Penetration testing
- Verify a threat exists
- Bypass security controls
- Actively test security controls
- Exploiting vulnerabilities
- Vulnerability scanning
- Passively testing security controls
- Identify vulnerability
- Identify lack of security controls
- Identify common misconfigurations
- Intrusive vs. non-intrusive
- Credentialed vs. non-credentialed
- False positive
- Black box
- White box
- Gray box
4.0 Application, Data and Host Security
4.1 Explain the importance of application security controls and techniques.
- Fuzzing
- Secure coding concepts
- Error and exception handling
- Input validation
- Cross-site scripting prevention
- Cross-site Request Forgery (XSRF) prevention
- Application configuration baseline (proper settings)
- Application hardening
- Application patch management
- NoSQL databases vs. SQL databases
- Server-side vs. client-side validation
4.2 Summarize mobile security concepts and technologies.
- Device security
- Full device encryption
- Remote wiping
- Lockout
- Screen locks
- GPS
- Application control
- Storage segmentation
- Asset tracking
- Inventory control
- Mobile device management
- Device access control
- Removable storage
- Disabling unused features
- Application security
- Key management
- Credential management
- Authentication
- Geo-tagging
- Encryption
- Application whitelisting
- Transitive trust/authentication
- BYOD concerns
- Data ownership
- Support ownership
- Patch management
- Antivirus management
- Forensics
- Privacy
- On-boarding/off-boarding
- Adherence to corporate policies
- User acceptance
- Architecture/infrastructure considerations
- Legal concerns
- Acceptable use policy
- On-board camera/video
4.3 Given a scenario, select the appropriate solution to establish host security.
- Operating system security and settings
- OS hardening
- Anti-malware
- Antivirus
- Anti-spam
- Anti-spyware
- Pop-up blockers
- Patch management
- Whitelisting vs. blacklisting applications
- Trusted OS
- Host-based firewalls
- Host-based intrusion detection
- Hardware security
- Cable locks
- Safe
- Locking cabinets
- Host software baselining
- Virtualization
- Snapshots
- Patch compatibility
- Host availability/elasticity
- Security control testing
- Sandboxing
4.4 Implement the appropriate controls to ensure data security.
- Cloud storage
- SAN
- Handling Big Data
- Data encryption
- Full disk
- Database
- Individual files
- Removable media
- Mobile devices
- Hardware-based encryption devices
- TPM
- HSM
- USB encryption
- Hard drive
- Data in transit, data at rest, data in use
- Permissions/ACL
- Data policies
- Wiping
- Disposing
- Retention
- Storage
4.5 Compare and contrast alternative methods to mitigate security risks in static environments.
- Environments
- SCADA
- Embedded (printer, smart TV, HVAC control)
- Android
- iOS
- Mainframe
- Game consoles
- In-vehicle computing systems
- Methods
- Network segmentation
- Security layers
- Application firewalls
- Manual updates
- Firmware version control
- Wrappers
- Control redundancy and diversity
5.0 Access Control and Identity Management
5.1 Compare and contrast the function and purpose of authentication services.
- RADIUS
- TACACS+
- Kerberos
- LDAP
- XTACACS
- SAML
- Secure LDAP
5.2 Given a scenario, select the appropriate authentication, authorization or access control.
- Identification vs. authentication vs. authorization
- Authorization
- Least privilege
- Separation of duties
- ACLs
- Mandatory access
- Discretionary access
- Rule-based access control
- Role-based access control
- Time of day restrictions
- Authentication
- Tokens
- Common access card
- Smart card
- Multifactor authentication
- TOTP
- HOTP
- CHAP
- PAP
- Single sign-on
- Access control
- Implicit deny
- Trusted OS
- Authentication factors
- Something you are
- Something you have
- Something you know
- Somewhere you are
- Something you do
- Identification
- Biometrics
- Personal identification verification card
- Username
- Federation
- Transitive trust/authentication
5.3 Install and configure security controls when performing account management, based on best practices.
- Mitigate issues associated with users with multiple accounts/roles and/or shared accounts
- Account policy enforcement
- Credential management
- Group policy
- Password complexity
- Expiration
- Recovery
- Disablement
- Lockout
- Password history
- Password reuse
- Password length
- Generic account prohibition
- Group-based privileges
- User-assigned privileges
- User access reviews
- Continuous monitoring
6.0 Cryptography
6.1 Given a scenario, utilize general cryptography concepts.
- Symmetric vs. asymmetric
- Session keys
- In-band vs. out-of-band key exchange
- Fundamental differences and encryption methods
- Block vs. stream
- Transport encryption
- Non-repudiation
- Hashing
- Key escrow
- Steganography
- Digital signatures
- Use of proven technologies
- Elliptic curve and quantum cryptography
- Ephemeral key
- Perfect forward secrecy
6.2 Given a scenario, use appropriate cryptographic methods.
- WEP vs. WPA/WPA2 and pre-shared key
- MD5
- SHA
- RIPEMD
- AES
- DES
- 3DES
- HMAC
- RSA
- Diffie-Hellman
- RC4
- One-time pads
- NTLM
- NTLMv2
- Blowfish
- PGP/GPG
- Twofish
- DHE
- ECDHE
- CHAP
- PAP
- Comparative strengths and performance of algorithms
- Use of algorithms/protocols with transport encryption
- SSL
- TLS
- IPSec
- SSH
- HTTPS
- Cipher suites
- Strong vs. weak ciphers
- Key stretching
- PBKDF2
- Bcrypt
6.3 Given a scenario, use appropriate PKI, certificate management and associated components.
- Certificate authorities and digital certificates
- CA
- CRLs
- OCSP
- CSR
- PKI
- Recovery agent
- Public key
- Private key
- Registration
- Key escrow
- Trust models
CompTIA Security+ Acronyms
The following is a list of acronyms that appear on the CompTIA Security+ exam. Candidates are encouraged to review the complete list and attain a working knowledge of all listed acronyms as part of a comprehensive exam preparation program.

| Acronym | Spelled out |
|---|---|
| 3DES | Triple Data Encryption Standard |
| AAA | Authentication, Authorization and Accounting |
| ACL | Access Control List |
| AES | Advanced Encryption Standard |
| AES256 | Advanced Encryption Standard with a 256-bit key |
| AH | Authentication Header |
| ALE | Annualized Loss Expectancy |
| AP | Access Point |
| API | Application Programming Interface |
| APT | Advanced Persistent Threat |
| ARO | Annualized Rate of Occurrence |
| ARP | Address Resolution Protocol |
| ASLR | Address Space Layout Randomization |
| ASP | Application Service Provider |
| AUP | Acceptable Use Policy |
| AV | Antivirus |
| BAC | Business Availability Center |
| BCP | Business Continuity Planning |
| BIA | Business Impact Analysis |
| BIOS | Basic Input/Output System |
| BPA | Business Partners Agreement |
| BPDU | Bridge Protocol Data Unit |
| BYOD | Bring Your Own Device |
| CA | Certificate Authority |
| CAC | Common Access Card |
| CAN | Controller Area Network |
| CAPTCHA | Completely Automated Public Turing test to tell Computers and Humans Apart |
| CAR | Corrective Action Report |
| CCMP | Counter-mode/CBC-MAC Protocol |
| CCTV | Closed-Circuit Television |
| CERT | Computer Emergency Response Team |
| CFB | Cipher Feedback |
| CHAP | Challenge Handshake Authentication Protocol |
| CIO | Chief Information Officer |
| CIRT | Computer Incident Response Team |
| CMS | Content Management System |
| COOP | Continuity Of Operation Planning |
| CP | Contingency Planning |
| CRC | Cyclic Redundancy Check |
| CRL | Certificate Revocation List |
| CRM | Customer Relationship Management |
| CSO | Chief Security Officer |
| CSP | Cloud Service Provider |
| CSR | Certificate Signing Request |
| CSRF | Cross-Site Request Forgery |
| CSU | Channel Service Unit |
| CTO | Chief Technology Officer |
| DAC | Discretionary Access Control |
| DBA | Database Administrator |
| DDoS | Distributed Denial of Service |
| DEP | Data Execution Prevention |
| DES | Data Encryption Standard |
| DHCP | Dynamic Host Configuration Protocol |
| DHE | Diffie-Hellman Ephemeral |
| DLL | Dynamic Link Library |
| DLP | Data Loss Prevention |
| DMZ | Demilitarized Zone |
| DNAT | Destination Network Address Translation |
| DNS | Domain Name Service (Server) |
| DoS | Denial of Service |
| DRP | Disaster Recovery Plan |
| DSA | Digital Signature Algorithm |
| DSL | Digital Subscriber Line |
| DSU | Data Service Unit |
| EAP | Extensible Authentication Protocol |
| ECC | Elliptic Curve Cryptography |
| ECDHE | Elliptic Curve Diffie-Hellman Ephemeral |
| ECDSA | Elliptic Curve Digital Signature Algorithm |
| EFS | Encrypting File System |
| EMI | Electromagnetic Interference |
| ERP | Enterprise Resource Planning |
| ESN | Electronic Serial Number |
| ESP | Encapsulating Security Payload |
| FACL | File system Access Control List |
| FDE | Full Disk Encryption |
| FQDN | Fully Qualified Domain Name |
| FRR | False Rejection Rate |
| FTP | File Transfer Protocol |
| FTPS | File Transfer Protocol over SSL/TLS (FTP Secure) |
| GCM | Galois Counter Mode |
| GPG | GNU Privacy Guard |
| GPO | Group Policy Object |
| GPS | Global Positioning System |
| GPU | Graphics Processing Unit |
| GRE | Generic Routing Encapsulation |
| HA | High Availability |
| HDD | Hard Disk Drive |
| HIDS | Host-based Intrusion Detection System |
| HIPS | Host-based Intrusion Prevention System |
| HMAC | Hash-based Message Authentication Code |
| HOTP | HMAC-based One Time Password |
| HSM | Hardware Security Module |
| HSRP | Hot Standby Router Protocol |
| HTML | Hypertext Markup Language |
| HTTP | Hypertext Transfer Protocol |
| HTTPS | Hypertext Transfer Protocol over TLS (historically SSL) |
| HVAC | Heating, Ventilation and Air Conditioning |
| IaaS | Infrastructure as a Service |
| ICMP | Internet Control Message Protocol |
| ICS | Industrial Control Systems |
| ID | Identification |
| IDEA | International Data Encryption Algorithm |
| IDF | Intermediate Distribution Frame |
| IdP | Identity Provider |
| IDS | Intrusion Detection System |
| IKE | Internet Key Exchange |
| IM | Instant Messaging |
| IMAP4 | Internet Message Access Protocol v4 |
| IoT | Internet of Things |
| IP | Internet Protocol |
| IPSec | Internet Protocol Security |
| IR | Incident Response |
| IRC | Internet Relay Chat |
| IRP | Incident Response Procedure |
| ISA | Interconnection Security Agreement |
| ISP | Internet Service Provider |
| ISSO | Information Systems Security Officer |
| ITCP | IT Contingency Plan |
| IV | Initialization Vector |
| JBOD | Just a Bunch Of Disks |
| KDC | Key Distribution Center |
| KEK | Key Encryption Key |
| L2TP | Layer 2 Tunneling Protocol |
| LAN | Local Area Network |
| LDAP | Lightweight Directory Access Protocol |
| LEAP | Lightweight Extensible Authentication Protocol |
| MaaS | Monitoring as a Service |
| MAC | Mandatory Access Control or Media Access Control |
| MAC | Message Authentication Code |
| MAN | Metropolitan Area Network |
| MBR | Master Boot Record |
| MD5 | Message Digest 5 |
| MDF | Main Distribution Frame |
| MITM | Man-In-The-Middle |
| MOU | Memorandum Of Understanding |
| MPLS | Multiprotocol Label Switching |
| MSCHAP | Microsoft Challenge Handshake Authentication Protocol |
| MTBF | Mean Time Between Failures |
| MTTF | Mean Time To Failure |
| MTTR | Mean Time To Recover |
| MTU | Maximum Transmission Unit |
| NAC | Network Access Control |
| NAT | Network Address Translation |
| NDA | Non-Disclosure Agreement |
| NFC | Near Field Communication |
| NIDS | Network-based Intrusion Detection System |
| NIPS | Network-based Intrusion Prevention System |
| NIST | National Institute of Standards and Technology |
| NOS | Network Operating System |
| NTFS | New Technology File System |
| NTLM | NT LAN Manager |
| NTP | Network Time Protocol |
| OAUTH | Open Authorization |
| OCSP | Online Certificate Status Protocol |
| OLA | Open License Agreement |
| OS | Operating System |
| OVAL | Open Vulnerability Assessment Language |
| P2P | Peer to Peer |
| PAC | Proxy Auto Configuration |
| PAM | Pluggable Authentication Modules |
| PAP | Password Authentication Protocol |
| PAT | Port Address Translation |
| PBKDF2 | Password-Based Key Derivation Function 2 |
| PBX | Private Branch Exchange |
| PCAP | Packet Capture |
| PEAP | Protected Extensible Authentication Protocol |
| PED | Personal Electronic Device |
| PFS | Perfect Forward Secrecy |
| PGP | Pretty Good Privacy |
| PII | Personally Identifiable Information |
| PIV | Personal Identity Verification |
| PKI | Public Key Infrastructure |
| POTS | Plain Old Telephone Service |
| PPP | Point-to-Point Protocol |
| PPTP | Point-to-Point Tunneling Protocol |
| PSK | Pre-Shared Key |
| PTZ | Pan-Tilt-Zoom |
| RA | Recovery Agent |
| RA | Registration Authority |
| RAD | Rapid Application Development |
| RADIUS | Remote Authentication Dial-In User Service |
| RAID | Redundant Array of Inexpensive Disks |
| RAS | Remote Access Server |
| RBAC | Role-Based Access Control |
| RBAC | Rule-Based Access Control |
| RC4 | Rivest Cipher 4 (RSA variable-key-size stream cipher) |
| RDP | Remote Desktop Protocol |
| RIPEMD | RACE Integrity Primitives Evaluation Message Digest |
| ROI | Return On Investment |
| RPO | Recovery Point Objective |
| RSA | Rivest, Shamir and Adleman |
| RTBH | Remote Triggered Black Hole |
| RTO | Recovery Time Objective |
| RTP | Real-time Transport Protocol |
| S/MIME | Secure/Multipurpose Internet Mail Extensions |
| SAML | Security Assertions Markup Language |
| SaaS | Software as a Service |
| SAN | Storage Area Network |
| SCADA | Supervisory Control and Data Acquisition |
| SCAP | Security Content Automation Protocol |
| SCEP | Simple Certificate Enrollment Protocol |
| SCSI | Small Computer System Interface |
| SDLC | Software Development Life Cycle |
| SDLM | Software Development Life Cycle Methodology |
| SEH | Structured Exception Handler |
| SFTP | SSH File Transfer Protocol |
| SHA | Secure Hash Algorithm |
| SHTTP | Secure Hypertext Transfer Protocol |
| SIEM | Security Information and Event Management |
| SIM | Subscriber Identity Module |
| SLA | Service Level Agreement |
| SLE | Single Loss Expectancy |
| SMS | Short Message Service |
| SMTP | Simple Mail Transfer Protocol |
| SMTPS | Simple Mail Transfer Protocol Secure |
| SNMP | Simple Network Management Protocol |
| SOAP | Simple Object Access Protocol |
| SONET | Synchronous Optical Network |
| SPIM | Spam over Internet Messaging |
| SQL | Structured Query Language |
| SSD | Solid State Drive |
| SSH | Secure Shell |
| SSL | Secure Sockets Layer |
| SSO | Single Sign-On |
| STP | Shielded Twisted Pair or Spanning Tree Protocol |
| TACACS+ | Terminal Access Controller Access Control System Plus |
| TCP/IP | Transmission Control Protocol/Internet Protocol |
| TFTP | Trivial File Transfer Protocol |
| TGT | Ticket Granting Ticket |
| TKIP | Temporal Key Integrity Protocol |
| TLS | Transport Layer Security |
| TOTP | Time-based One-Time Password |
| TPM | Trusted Platform Module |
| TSIG | Transaction Signature |
| UAT | User Acceptance Testing |
| UDP | User Datagram Protocol |
| UEFI | Unified Extensible Firmware Interface |
| UPS | Uninterruptible Power Supply |
| URI | Uniform Resource Identifier |
| URL | Uniform Resource Locator |
| USB | Universal Serial Bus |
| UTM | Unified Threat Management |
| UTP | Unshielded Twisted Pair |
| VDI | Virtual Desktop Infrastructure |
| VLAN | Virtual Local Area Network |
| VM | Virtual Machine |
| VoIP | Voice over IP |
| VPN | Virtual Private Network |
| VTC | Video Teleconferencing |
| WAF | Web Application Firewall |
| WAP | Wireless Access Point |
| WEP | Wired Equivalent Privacy |
| WIDS | Wireless Intrusion Detection System |
| WIPS | Wireless Intrusion Prevention System |
| WPA | Wi-Fi Protected Access |
| WPA2 | Wi-Fi Protected Access 2 |
| WPS | Wi-Fi Protected Setup |
| WTLS | Wireless Transport Layer Security |
| XML | Extensible Markup Language |
| XSRF | Cross-Site Request Forgery |
| XSS | Cross-Site Scripting |
Security+ Proposed Hardware and Software List
CompTIA has included this sample list of hardware and software to assist candidates as they prepare for the Security+ exam. This list may also be helpful for training companies who wish to create a lab component to their training offering. The bulleted lists below each topic are a sample list and not exhaustive.
EQUIPMENT
- Router
- Firewall
- Access point
- Switch
- IDS/IPS
- Server
- Content filter
- Client
- Mobile device
- VPN concentrator
- All-in-one appliance
- Enterprise security managers/SIEM suite
- Load balancer
SPARE PARTS/HARDWARE
- Keyboards, mice
- Network cables
- Monitors
TOOLS
- WiFi analyzers
SOFTWARE
- BackTrack
- Proxy server
- Kali/BackTrack
- Virtualization software
- Virtualized appliances
- Wireshark
- TCPdump
- NMAP
- OpenVAS
- Metasploit
- Back Orifice
- Cain & Abel
- John the Ripper
- pfSense
- Security Onion
- Roo
- Any UTM
OTHER
- SourceForge
© 2016 CompTIA Properties, LLC, used under license by CompTIA Certifications, LLC. All rights reserved. All certification programs and education related to such programs are operated exclusively by CompTIA Certifications, LLC. CompTIA is a registered trademark of CompTIA Properties, LLC in the U.S. and internationally. Other brands and company names mentioned herein may be trademarks or service marks of CompTIA Properties, LLC or of their respective owners. Reproduction or dissemination prohibited without written consent of CompTIA Properties, LLC. Printed in the U.S. 01754-Feb2016